CVE-2018-1000117

MEDIUM

CPython 3.2-3.6.4 - Buffer Overflow in os.symlink() on Windows

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-1000117. PoCs published by u0pattern.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in the `os.symlink()` function in Python versions 3.2 to 3.6.4 on Windows. The PoC triggers the vulnerability by creating a symlink with an excessively long path, potentially leading to arbitrary code execution or privilege escalation.

Description

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

Exploits (1)

nomisec WORKING POC 3 stars
by u0pattern · poc
https://github.com/u0pattern/CVE-2018-1000117-Exploit

This exploit demonstrates a buffer overflow vulnerability in the `os.symlink()` function in Python versions 3.2 to 3.6.4 on Windows. The PoC triggers the vulnerability by creating a symlink with an excessively long path, potentially leading to arbitrary code execution or privilege escalation.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Python Software Foundation CPython (3.2 to 3.6.4 on Windows)
No auth needed
Prerequisites: Python 3.2 to 3.6.4 installed on Windows · Ability to execute Python scripts on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Issue Tracking, Patch, Vendor Advisory x_refsource_confirm
https://github.com/python/cpython/pull/5989
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugs.python.org/issue33001

Scores

CVSS v3 6.7
EPSS 0.0111
EPSS Percentile 61.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (2)
python/python 3.7.0 beta1 (5 CPE variants)
python/python 3.2.0 - 3.4.9
Published Mar 07, 2018
Tracked Since Feb 18, 2026